MS Office is under attack on all fronts and cybercriminals are bombarding the platform with a series of fresh attacks on a daily basis. The relentless march of cyber invasions on the Office platform is nowhere close to halting any time sooner.
MS Office
MS Office platform is now the center of attraction for master hackers and cybercriminals when carrying out attacks and the cruelty of attacks are getting more intense with every passing day, reported by Kaspersky Lab researchers in a presentation at its annual security conference, Security Analyst Summit, in Singapore. The Office products are today’s top target for cybercriminals, according to attack and exploitation data gathered by Kaspersky Lab.
The cyber threat landscape has dramatically transformed in the past two years with a rapid surge in a number of incidents, presented by Boris Larin, Vlad Stolyarov, and Alexander Liskin. They urged users to keep their software and programs updated to the latest standards and avoid opening files that come from unknown sources to reduce the risk of infection.
Of all the cyber attacks and threats intercepted by Kaspersky Lab, more than 70% of them are targeting Microsoft Office, and barely 14% take advantage of browsing vulnerabilities. That’s four times the percentage of attacks suffered by the company two years ago. They have discovered a mounting surge of cyber attacks toward MS Office platform.
Cyber Attacks target to exploit outdated Office components
About 2 years back in time, the scenario was a lot different. Web-based browsing vulnerabilities accounted for 45% of the attacks and MS Office shared a meager 16% of attacks. But now, the attacks are intended to abuse the vulnerabilities of Microsoft Office. In a separate notification, Kaspersky also highlighted that the most fragile vulnerabilities exist in related components, not in MS Office itself. For instance, the equation editor vulnerabilities CVE-2017-11882 and CVE-2018-0802 are now two of the most exploited bugs discovered in MS Office.
A look in the most exploited vulnerabilities of 2018 confirms exactly that: Malware authors prefer simple, logical bugs, Kaspersky notified. If we simply put, the reason for this change revolves around the fact that these types of vulnerabilities are much easier to write code due to their simplicity in comparison to other cyber attacks and exploits. They tend to be the most reliable as Office maintains backward compatibility for older MS Office version and work in every version of MS Word released in the past 17 years. So building an exploit for either one requires no special abilities, Kaspersky researchers noted.
Read More
| It is currently Fri Apr 19, 2024 11:31 am |
- Board index
- All times are UTC-04:00
- Delete cookies